New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
out-of-bounds read in archive_read_format_iso9660_read_header() #949
Comments
|
This issue was assigned CVE-2017-14501 |
|
Hi, is there any effort to fix this? How critical is for you this issue ? |
|
Hi
On Wed, Dec 13, 2017 at 08:42:11AM -0800, Leonardo Sandoval wrote:
Hi @carnil, is someone between the community is planning to fix this
issue?
Honestly, I do not know if someone is working on it. We are not
actively on Debian's side (yet), just reported the issue to "upstream"
as it was first reported in Debian bug https://bugs.debian.org/875966
Defitnively wuld be interested if we could apply a fix downstream in
Debian.
|
38 tasks
|
Per MITRE,
|
|
can anybody tell me whether this is fixed in 3.3.3-1.el8 libarchive or not. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi
The following was reported downstream in Debian in https://bugs.debian.org/875966
The reproducer (compressed with gzip), base64
oob.iso.gzistested against 5562545
The text was updated successfully, but these errors were encountered: